Lucene search
K

164 matches found

OSV
OSV
added 4 days ago5 views

PYSEC-2026-387 LiteLLM has Server-Side Template Injection vulnerability in /completions endpoint

BerriAI/litellm is vulnerable to Server-Side Template Injection SSTI via the /completions endpoint. The vulnerability arises from the hfchattemplate method processing the chattemplate parameter from the tokenizerconfig.json file through the Jinja template engine without proper sanitization...

9.8CVSS7.7AI score0.01256EPSS
Exploits1References9
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iomap: Also allocates sdiodonewq for async reads. Since commit 222f2c7c6d14 “iomap: always run error completions in user context”, read error completions are deferred to sdiodonewq. This means that the workqueue also needs to be...

5.8AI score0.00209EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 7:14 a.m.32 views

CVE-2026-52939

Linux kernel vulnerability CVE-2026-52939 affects RDS over InfiniBand. A NULL dereference can occur in rds_ib_send_cqe_handler() when handling masked atomic completions, due to rds_ib_send_unmap_op() not covering masked opcodes. The issue occurs because masked atomic opcodes (IB_WR_MASKED_ATOMIC_...

5.8AI score0.00164EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/23 4:49 p.m.39 views

CVE-2026-54009 Open WebUI: Cross-user file disclosure via /api/chat/completions image_url field

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/chat/completions accepts an imageurl.url value that, when it does NOT start with http://, https://, or data:image/, is interpreted as a file id and resolved against the...

6.5CVSS0.00225EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/23 12:12 p.m.7 views

EUVD-2025-210308

picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.autocomplete.AutoComplete.fetchcompletions in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when loaded by victims...

8.1CVSS6.1AI score0.003EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 12:12 p.m.12 views

CVE-2025-71376

CVE-2025-71376 affects the Python package picklescan prior to 0.0.29. The vulnerability arises because idlelib.autocomplete.AutoComplete.fetch_completions in reduce methods is not detected, allowing attackers to embed code in pickle files that executes arbitrary commands when loaded by victims. T...

8.1CVSS6.1AI score0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 12:12 p.m.32 views

CVE-2025-71376 picklescan - Arbitrary Code Execution via Undetected idlelib.autocomplete.AutoComplete.fetch_completions

picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.autocomplete.AutoComplete.fetchcompletions in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when loaded by victims...

8.1CVSS0.003EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/21 9:15 a.m.8 views

EUVD-2026-38156

A security flaw has been discovered in BerriAI litellm up to 1.82.5. Affected is the function asyncprecallhook of the file enterprise/enterprisehooks/bannedkeywords.py of the component Completions Interface. The manipulation of the argument prompt results in incorrect authorization. The attack ma...

6.5CVSS6.1AI score0.00226EPSS
Exploits1References5
CVE
CVE
added 2026/06/21 9:15 a.m.12 views

CVE-2026-12797

Technical details about CVE-2026-12797 are not publicly available in the provided documents. Monitor for updates from official advisories and vendor notices to obtain affected products, vulnerable components, and remediation information.

6.5CVSS6.1AI score0.00226EPSS
Exploits1References5Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID from the event ring element sent by the device; this value can be any number between 0 and 255. To prevent out-of-bounds access, a...

7.8CVSS5.7AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Track xmit submissions to PTP WQ after populating the metadata map. Ensure that the skb is available in the metadata mapping to skbs before tracking the metadata index to detect undelivered CQEs. If the metadata ind...

5.5CVSS5.3AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix for crashes occurring upon reactivation of the regular task queue rq. When the regular task queue is reactivated after the XSK socket is closed, it may read stale cancellation requests cqes, which can eventual...

5.5CVSS6.3AI score0.00119EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ipa: Fixed the issue where the event ring index was not properly programmed for IPA v5.0+. For IPA v5.0+ onwards, the event ring index field has been moved from CHCCNTXT0 to CHCCNTXT1. In IPA v5.0, this field was intended to...

7.5CVSS5.7AI score0.00353EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/17 2:11 p.m.13 views

Open WebUI: Cross-user file disclosure via /api/chat/completions image_url field

summary POST /api/chat/completions accepts an imageurl.url value that, when it does NOT start with http://, https://, or data:image/, is interpreted as a file id and resolved against the global file table with no ownership check. An authenticated user can therefore set imageurl.url to another...

6.5CVSS5.3AI score0.00366EPSS
Exploits2References2Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability arises from the manaib driver failing to disable vPort RX steering when destroying RSS QP. As a resul...

5.8AI score0.00129EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/15 7:20 p.m.46 views

CVE-2026-45349 Open WebUI: Broken Access Control for Completions API

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API key generated in OWUI and the Chat ID of another user to continue the conversation of the other...

7.1CVSS0.00231EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 7:20 p.m.6 views

CVE-2026-45349

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API key generated in OWUI and the Chat ID of another user to continue the conversation of the other...

7.1CVSS5.8AI score0.00231EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/15 7:20 p.m.9 views

CVE-2026-45349 Open WebUI: Broken Access Control for Completions API

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API key generated in OWUI and the Chat ID of another user to continue the conversation of the other...

7.1CVSS5.8AI score0.00231EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 7:20 p.m.23 views

CVE-2026-45349

Open WebUI had a broken access control issue for the completions API ( /api/chat/completions ) allowing a user to continue another user’s conversation if they knew the other user’s Chat ID. This privacy/policy bypass could expose private conversations. The issue affects prior to version 0.9.0 and...

7.1CVSS5.8AI score0.00231EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/05/15 7:20 p.m.16 views

EUVD-2026-30605

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the API endpoint: /api/chat/completions with their own API key generated in OWUI and the Chat ID of another user to continue the conversation of the other...

7.1CVSS5.8AI score0.00231EPSS
Exploits1References1
Rows per page
Query Builder